modify tests for the code refactor

Author: janishar

src/auth/authentication.ts

@@ -6,7 +6,6 @@ import JWT from '../core/JWT';
 import KeystoreRepo from '../database/repository/KeystoreRepo';
 import { Types } from 'mongoose';
 import { getAccessToken, validateTokenData } from './authUtils';
-import { tokenInfo } from '../config';
 import validator, { ValidationSource } from '../helpers/validator';
 import schema from './schema';
 import asyncHandler from '../helpers/asyncHandler';
@@ -26,10 +25,7 @@ export default router.use(validator(schema.auth, ValidationSource.HEADER),
 			req.user = user;
 
 			const keystore = await KeystoreRepo.findforKey(req.user._id, payload.prm);
-
-			if (!keystore || keystore.primaryKey !== payload.prm)
-				throw new AuthFailureError('Invalid access token');
-
+			if (!keystore) throw new AuthFailureError('Invalid access token');
 			req.keystore = keystore;
 
 			return next();

tests/auth/apikey/unit.test.ts

@@ -11,13 +11,13 @@ describe('apikey validation', () => {
 		mockFindApiKey.mockClear();
 	});
 
-	it('Should response with 400 if api-key header is not passed', async () => {
+	it('Should response with 400 if x-api-key header is not passed', async () => {
 		const response = await request.get(endpoint);
 		expect(response.status).toBe(400);
 		expect(mockFindApiKey).not.toBeCalled();
 	});
 
-	it('Should response with 403 if wrong api-key header is passed', async () => {
+	it('Should response with 403 if wrong x-api-key header is passed', async () => {
 		const wrongApiKey = '123';
 		const response = await request
 			.get(endpoint)
@@ -27,7 +27,7 @@ describe('apikey validation', () => {
 		expect(mockFindApiKey).toBeCalledWith(wrongApiKey);
 	});
 
-	it('Should response with 404 if correct api-key header is passed and when route is not handelled', async () => {
+	it('Should response with 404 if correct x-api-key header is passed and when route is not handelled', async () => {
 		const response = await request
 			.get(endpoint)
 			.set('x-api-key', API_KEY);

tests/auth/authUtils/unit.test.ts

@@ -12,59 +12,53 @@ describe('authUtils validateTokenData tests', () => {
 		jest.resetAllMocks();
 	});
 
-	it('Should throw error when user is different', async () => {
-
-		const userId = new Types.ObjectId(); // Random Key
+	it('Should throw error when subject in not user id format', async () => {
 
 		const payload = new JwtPayload(
 			tokenInfo.issuer,
 			tokenInfo.audience,
-			new Types.ObjectId().toHexString(), // Random Key
+			'abc',
 			ACCESS_TOKEN_KEY,
 			tokenInfo.accessTokenValidityDays
 		);
 
 		try {
-			await validateTokenData(payload, userId);
+			validateTokenData(payload);
 		} catch (e) {
 			expect(e).toBeInstanceOf(AuthFailureError);
 		}
 	});
 
 	it('Should throw error when access token key is different', async () => {
 
-		const userId = new Types.ObjectId(); // Random Key
-
 		const payload = new JwtPayload(
 			tokenInfo.issuer,
 			tokenInfo.audience,
-			userId.toHexString(),
+			new Types.ObjectId().toHexString(),
 			'123',
 			tokenInfo.accessTokenValidityDays
 		);
 
 		try {
-			await validateTokenData(payload, userId);
+			validateTokenData(payload);
 		} catch (e) {
 			expect(e).toBeInstanceOf(AuthFailureError);
 		}
 	});
 
-	it('Should return same payload if all data is correct', async () => {
-
-		const userId = new Types.ObjectId('553f8a4286f5c759f36f8e5b'); // Random Key
+	it('Should return true if all data is correct', async () => {
 
 		const payload = new JwtPayload(
 			tokenInfo.issuer,
 			tokenInfo.audience,
-			userId.toHexString(),
+			new Types.ObjectId().toHexString(), // Random Key
 			ACCESS_TOKEN_KEY,
 			tokenInfo.accessTokenValidityDays
 		);
 
-		const validatedPayload = await validateTokenData(payload, userId);
+		const validatedPayload = validateTokenData(payload);
 
-		expect(validatedPayload).toMatchObject(payload);
+		expect(validatedPayload).toBeTruthy();
 	});
 });
 
@@ -77,7 +71,7 @@ describe('authUtils createTokens function', () => {
 
 	it('Should process and return accessToken and refreshToken', async () => {
 
-		const userId = new Types.ObjectId('553f8a4286f5c759f36f8e5b'); // Random Key
+		const userId = new Types.ObjectId(); // Random Key
 
 		const tokens = await createTokens(<User>{ _id: userId }, ACCESS_TOKEN_KEY, REFRESH_TOKEN_KEY);
 

tests/auth/authentication/mock.ts

@@ -3,27 +3,33 @@ import { API_KEY } from '../apikey/mock';
 
 import User from '../../../src/database/model/User';
 import { Types } from 'mongoose';
-import JWT, { ValidationParams, JwtPayload } from '../../../src/core/JWT';
+import JWT, { JwtPayload } from '../../../src/core/JWT';
 import { BadTokenError } from '../../../src/core/ApiError';
 import Keystore from '../../../src/database/model/Keystore';
+import * as authUtils from '../../../src/auth/authUtils';
+import { tokenInfo } from '../../../src/config';
 
 export const ACCESS_TOKEN = 'xyz';
 
 export const USER_ID = new Types.ObjectId(); // random id with object id format
 
+export const getAccessTokenSpy = jest.spyOn(authUtils, 'getAccessToken');
+
 export const mockUserFindById = jest.fn(async (id: Types.ObjectId) => {
 	if (USER_ID.equals(id)) return <User>{ _id: new Types.ObjectId(id) };
 	else return null;
 });
 
-export const mockJwtDecode = jest.fn(async (token: string): Promise<JwtPayload> => {
-	if (token == ACCESS_TOKEN) return <JwtPayload>{ sub: USER_ID.toHexString() };
-	throw new BadTokenError();
-});
-
 export const mockJwtValidate = jest.fn(
-	async (token: string, validations: ValidationParams): Promise<JwtPayload> => {
-		if (token == ACCESS_TOKEN) return <JwtPayload>{ prm: 'abcdef' };
+	async (token: string): Promise<JwtPayload> => {
+		if (token === ACCESS_TOKEN) return <JwtPayload>{
+			iss: tokenInfo.issuer,
+			aud: tokenInfo.audience,
+			sub: USER_ID.toHexString(),
+			iat: 1,
+			exp: 2,
+			prm: 'abcdef'
+		};
 		throw new BadTokenError();
 	});
 
@@ -39,13 +45,12 @@ jest.mock('../../../src/database/repository/KeystoreRepo', () => ({
 }));
 
 JWT.validate = mockJwtValidate;
-JWT.decode = mockJwtDecode;
 
 export const addHeaders = (request: any) => request
 	.set('Content-Type', 'application/json')
 	.set('x-api-key', API_KEY);
 
-export const addAuthHeaders = (request: any) => request
+export const addAuthHeaders = (request: any, accessToken = ACCESS_TOKEN) => request
 	.set('Content-Type', 'application/json')
-	.set('Authorization', `Bearer ${ACCESS_TOKEN}`)
+	.set('Authorization', `Bearer ${accessToken}`)
 	.set('x-api-key', API_KEY);

tests/auth/authentication/unit.test.ts

@@ -1,6 +1,7 @@
 import {
-	USER_ID, ACCESS_TOKEN, addHeaders, addAuthHeaders,
-	mockUserFindById, mockJwtValidate, mockJwtDecode, mockKeystoreFindForKey
+	ACCESS_TOKEN, addHeaders, addAuthHeaders,
+	mockUserFindById, mockJwtValidate, mockKeystoreFindForKey,
+	getAccessTokenSpy
 } from './mock';
 
 import app from '../../../src/app';
@@ -12,18 +13,17 @@ describe('authentication validation', () => {
 	const request = supertest(app);
 
 	beforeEach(() => {
-		mockUserFindById.mockClear();
+		getAccessTokenSpy.mockClear();
 		mockJwtValidate.mockClear();
-		mockJwtDecode.mockClear();
+		mockUserFindById.mockClear();
 		mockKeystoreFindForKey.mockClear();
 	});
 
 	it('Should response with 400 if Authorization header is not passed', async () => {
 		const response = await addHeaders(request.get(endpoint));
 		expect(response.status).toBe(400);
 		expect(response.body.message).toMatch(/authorization/);
-		expect(mockJwtDecode).not.toBeCalled();
-		expect(mockUserFindById).not.toBeCalled();
+		expect(getAccessTokenSpy).not.toBeCalled();
 	});
 
 
@@ -32,17 +32,19 @@ describe('authentication validation', () => {
 			.set('Authorization', '123');
 		expect(response.status).toBe(400);
 		expect(response.body.message).toMatch(/authorization/);
-		expect(mockJwtDecode).not.toBeCalled();
-		expect(mockUserFindById).not.toBeCalled();
+		expect(getAccessTokenSpy).not.toBeCalled();
 	});
 
 	it('Should response with 401 if wrong Authorization header is provided', async () => {
 		const response = await addHeaders(request.get(endpoint))
 			.set('Authorization', 'Bearer 123');
 		expect(response.status).toBe(401);
 		expect(response.body.message).toMatch(/token/i);
-		expect(mockJwtDecode).toBeCalledTimes(1);
-		expect(mockJwtDecode).toBeCalledWith('123');
+		expect(getAccessTokenSpy).toBeCalledTimes(1);
+		expect(getAccessTokenSpy).toBeCalledWith('Bearer 123');
+		expect(getAccessTokenSpy).toReturnWith('123');
+		expect(mockJwtValidate).toBeCalledTimes(1);
+		expect(mockJwtValidate).toBeCalledWith('123');
 		expect(mockUserFindById).not.toBeCalled();
 	});
 
@@ -51,9 +53,12 @@ describe('authentication validation', () => {
 		expect(response.body.message).not.toMatch(/not registered/);
 		expect(response.body.message).not.toMatch(/token/i);
 		expect(response.status).toBe(404);
-		expect(mockJwtDecode).toBeCalledTimes(1);
-		expect(mockJwtDecode).toBeCalledWith(ACCESS_TOKEN);
-		expect(mockUserFindById).toBeCalledTimes(1);
+		expect(getAccessTokenSpy).toBeCalledTimes(1);
+		expect(getAccessTokenSpy).toBeCalledWith(`Bearer ${ACCESS_TOKEN}`);
+		expect(getAccessTokenSpy).toReturnWith(ACCESS_TOKEN);
 		expect(mockJwtValidate).toBeCalledTimes(1);
+		expect(mockJwtValidate).toBeCalledWith(ACCESS_TOKEN);
+		expect(mockUserFindById).toBeCalledTimes(1);
+		expect(mockKeystoreFindForKey).toBeCalledTimes(1);
 	});
 });

tests/auth/authorization/mock.ts

@@ -1,9 +1,12 @@
 // all dependent mock should be on the top
-import { USER_ID } from '../authentication/mock';
+import { USER_ID, ACCESS_TOKEN } from '../authentication/mock';
 
 import { Types } from 'mongoose';
 import User from '../../../src/database/model/User';
 import Role, { RoleCode } from '../../../src/database/model/Role';
+import { BadTokenError } from '../../../src/core/ApiError';
+import JWT, { JwtPayload } from '../../../src/core/JWT';
+import { tokenInfo } from '../../../src/config';
 
 export const LEARNER_ROLE_ID = new Types.ObjectId(); // random id
 export const WRITER_ROLE_ID = new Types.ObjectId(); // random id
@@ -12,6 +15,9 @@ export const EDITOR_ROLE_ID = new Types.ObjectId(); // random id
 export const USER_ID_WRITER = new Types.ObjectId(); // random id
 export const USER_ID_EDITOR = new Types.ObjectId(); // random id
 
+export const WRITER_ACCESS_TOKEN = 'def';
+export const EDITOR_ACCESS_TOKEN = 'ghi';
+
 export const mockUserFindById = jest.fn(async (id: Types.ObjectId) => {
 	if (USER_ID.equals(id)) return <User>{
 		_id: USER_ID,
@@ -58,10 +64,37 @@ export const mockRoleRepoFindByCode = jest.fn(
 		return null;
 	});
 
+export const mockJwtValidate = jest.fn(
+	async (token: string): Promise<JwtPayload> => {
+		let subject = null;
+		switch (token) {
+			case ACCESS_TOKEN:
+				subject = USER_ID.toHexString();
+				break;
+			case WRITER_ACCESS_TOKEN:
+				subject = USER_ID_WRITER.toHexString();
+				break;
+			case EDITOR_ACCESS_TOKEN:
+				subject = USER_ID_EDITOR.toHexString();
+				break;
+		}
+		if (subject) return <JwtPayload>{
+			iss: tokenInfo.issuer,
+			aud: tokenInfo.audience,
+			sub: subject,
+			iat: 1,
+			exp: 2,
+			prm: 'abcdef'
+		};
+		throw new BadTokenError();
+	});
+
 jest.mock('../../../src/database/repository/UserRepo', () => ({
 	get findById() { return mockUserFindById; }
 }));
 
 jest.mock('../../../src/database/repository/RoleRepo', () => ({
 	get findByCode() { return mockRoleRepoFindByCode; }
-}));
+}));
+
+JWT.validate = mockJwtValidate;

tests/auth/authorization/unit.test.ts

@@ -2,7 +2,7 @@ import { addAuthHeaders } from '../authentication/mock';
 
 // import the mock for the current test after all other mock imports
 // this will prevent the different implementations by the other mock
-import { mockRoleRepoFindByCode, mockUserFindById } from './mock';
+import { mockRoleRepoFindByCode, mockUserFindById, EDITOR_ACCESS_TOKEN } from './mock';
 
 import app from '../../../src/app';
 import supertest from 'supertest';
@@ -39,7 +39,7 @@ describe('authentication validation for writer', () => {
 	});
 
 	it('Should response with 404 if user have writer role', async () => {
-		const response = await addAuthHeaders(request.get(endpoint));
+		const response = await addAuthHeaders(request.get(endpoint), EDITOR_ACCESS_TOKEN);
 		expect(response.status).toBe(404);
 		expect(mockRoleRepoFindByCode).toBeCalledTimes(1);
 		expect(mockUserFindById).toBeCalledTimes(1);

tests/core/jwt/unit.test.ts

@@ -1,5 +1,5 @@
 import { readFileSpy } from './mock';
-import JWT, { JwtPayload, ValidationParams } from '../../../src/core/JWT';
+import JWT, { JwtPayload } from '../../../src/core/JWT';
 import { BadTokenError, TokenExpiredError } from '../../../src/core/ApiError';
 
 describe('JWT class tests', () => {
@@ -17,7 +17,7 @@ describe('JWT class tests', () => {
 		});
 
 		try {
-			await JWT.decode('abc', new ValidationParams(issuer, audience, subject));
+			await JWT.decode('abc');
 		} catch (e) {
 			expect(e).toBeInstanceOf(BadTokenError);
 		}
@@ -46,7 +46,7 @@ describe('JWT class tests', () => {
 
 		const payload = new JwtPayload(issuer, audience, subject, param, validity);
 		const token = await JWT.encode(payload);
-		const decoded = await JWT.decode(token, new ValidationParams(issuer, audience, subject));
+		const decoded = await JWT.decode(token);
 
 		expect(decoded).toMatchObject(payload);
 		expect(readFileSpy).toBeCalledTimes(2);
@@ -69,7 +69,7 @@ describe('JWT class tests', () => {
 			prm: param,
 		};
 		const token = await JWT.encode(payload);
-		const decoded = await JWT.decode(token, new ValidationParams(issuer, audience, subject));
+		const decoded = await JWT.decode(token);
 
 		expect(decoded).toMatchObject(payload);
 		expect(readFileSpy).toBeCalledTimes(2);
@@ -82,7 +82,7 @@ describe('JWT class tests', () => {
 		});
 
 		try {
-			await JWT.validate('abc', new ValidationParams(issuer, audience, subject));
+			await JWT.validate('abc');
 		} catch (e) {
 			expect(e).toBeInstanceOf(BadTokenError);
 		}
@@ -98,7 +98,7 @@ describe('JWT class tests', () => {
 
 		const payload = new JwtPayload(issuer, audience, subject, param, validity);
 		const token = await JWT.encode(payload);
-		const decoded = await JWT.validate(token, new ValidationParams(issuer, audience, subject));
+		const decoded = await JWT.validate(token);
 
 		expect(decoded).toMatchObject(payload);
 		expect(readFileSpy).toBeCalledTimes(2);
@@ -122,7 +122,7 @@ describe('JWT class tests', () => {
 		};
 		const token = await JWT.encode(payload);
 		try {
-			await JWT.validate(token, new ValidationParams(issuer, audience, subject));
+			await JWT.validate(token);
 		} catch (e) {
 			expect(e).toBeInstanceOf(TokenExpiredError);
 		}